CVE-2015-1946 Information

Description

IBM WebSphere Application Server (WAS) 8.5 before 8.5.5.6 and WebSphere Virtual Enterprise 7.0 before 7.0.0.6 for WebSphere Application Server (WAS) 7.0 and 8.0 does not properly implement user roles which allows local users to gain privileges via unspecified vectors.

Reference

http://www.securityfocus.com/bid/75496 http://www-01.ibm.com/support/docview.wss?uid=swg1PI35180 http://www-01.ibm.com/support/docview.wss?uid=swg21959083